TPG Social Media

Is your network secure?

You have to ask yourself if your network is secure…failure to evaluate this very important question can cause you significant harm.

As is the case in our everyday lives we often say it will not happen to us, but when it does we then ask why didn’t we do more to protect ourselves. In a world of open framework internet, and the criminal intent of so many hackers it perhaps is only a matter of time, and yet as this story reflects most of us feel that our networks are safe, but then when we drill deeper we also recognize that we are vulnerable for hacks. The head of IT in any company must take his job seriously, and he must understand what vulnerabilities we have in our systems, and address them. Great article by Courtney.

94% of IT Employees Think Their Network Is Secure Enough to Keep Out Hackers

By Courtney Theim

THU | JUL 20, 2017 | 10:26 AM PDT

Ninety-four percent of IT employees feel that their perimeter security is enough to keep out the bad guys, and yet in the same survey, 68% report that unauthorized users can gain access to their network.

Sounds like a communication issue. Or is it?

In a recent study by Gemalto, findings show that employees are overly confident that they can protect their networks from hackers, but unsure about keeping their data safe.

Why does this disconnect exist when almost 1.4 billion records were lost or stolen in 2016 alone?

Shouldn’t everyone be running in terror, stacking chairs against the doors of their data center to keep malicious attackers at bay? That would be some innovative perimeter security, wouldn’t it?

Maybe the focus is resting too heavily on perimeter security in general. If 94% feel their perimeter security will keep out hackers, but 68% think hackers can still get access to their network, then their perimeter security is going to be pretty useless once the hackers are already inside.

This is especially true as more sophisticated campaigns persist, such as spear-phishing techniques that bypass perimeter security by design.

Once the attacker has breached the network and bypassed firewalls, 65% of IT employees are not “extremely confident” that company data would be safe, but 59% of organizations in the same survey think that all of their private data is secure.

This suggests a miscommunication between IT practitioners and management about what is really going on inside the network. Furthermore, 55% reported not even knowing where all of their data is stored!

Perhaps most shocking is the finding that 14% of IT decision makers would not trust their own company to protect their own personal data. If the key players making the decisions on how data is protected and stored can’t trust their own procedures, why should consumers?

Maybe the daily onslaught of breaches spattered across the news has something to do with security confidence.

“As a result of high-profile data breaches in the news, around eight in ten (79%) respondents’ organizations have adjusted their security strategy. A third (33%) have changed their strategy a lot as a result. If organizations were confident in their ability to secure their data and their strategies to do this, they would be less likely to react to outside breaches and could concentrate instead on making better use of their data,” the survey reports.

Following a breach, a large part of the conversation is shaped around the encryption of sensitive data, or lack thereof.

Eighty-nine percent of those surveyed thought that encryption is “critically or very important,” yet generally only 8% of data that has been breached was encrypted.

What does this mean for companies trying to protect their data?

Perimeter security alone is not enough to properly protect sensitive data, and confidence should not rest there solely.

“It is clear that there is a divide between organizations’ perceptions of the effectiveness of perimeter security and the reality,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. “By believing that their data is already secure, businesses are failing to prioritize the measures necessary to protect their data. Businesses need to be aware that hackers are after a company’s most valuable asset—data. It’s important to focus on protecting this resource, otherwise reality will inevitably bite those that fail to do so.”